"More APTs Eye Managed Service Providers in Supply Chain Attacks"

Sophisticated threat groups are increasingly compromising Managed Service Providers (MSPs) and launching supply chain attacks against their small and medium-sized downstream customers. The analysis of data from more than 200,000 small and medium-sized businesses (SMBs), including regional MSPs, between the first quarters of 2022 and 2023 revealed the increased interest of APTs in this segment as a means to launch attacks against a large number of companies in a single geographic region. MSPs, in conjunction with solution providers and resellers, help end users with the deployment, customization, and management of cloud services and other technologies. Regional MSPs serve customers in concentrated geographic areas. Compromising these organizations could enable attackers to target "trusted relationships" between MSPs and their customers. According to Proofpoint, regional MSPs protect hundreds of SMBs local to their geography, many of which have inadequate and often non-enterprise-grade cybersecurity defenses. APT actors have observed this disparity between the levels of protection offered and the potential for gaining access to desirable end-user environments. This article continues to discuss APT groups increasingly targeting MSPs. 

Decipher reports "More APTs Eye Managed Service Providers in Supply Chain Attacks"